Mission Description

In an increasingly interconnected environment, supply chain security is a major strategic challenge. In order to strengthen our cybersecurity posture and manage third-party risks, we are looking for a Supply Chain & Cybersecurity Expert.

You will play a key role in securing relationships with suppliers, partners, and service providers throughout the contractual and operational lifecycle.

You will work within the IT Security department and report to the IT Security Manager.

The main mission of the IT Security service is to manage and implement IT security at STIB across the entire IT & OT infrastructure.

As an IS Security Risk Expert, your role will be to:

• Define, implement, and maintain the supply chain security strategy (IT and non-IT).
• Identify, analyze, and assess cyber risks related to third parties (suppliers, subcontractors, partners).
• Set up Third Party Risk Management (TPRM) processes.
• Contribute to the drafting and evaluation of security clauses in supplier contracts.
• Conduct maturity assessments, audits, and compliance reviews (ISO 27001, NIS2, etc.).
• Collaborate closely with the Procurement, Legal, IT, Information Security, and Business teams.
• Monitor risk indicators and propose appropriate remediation plans.
• Ensure monitoring of threats, regulations, and best practices related to a cyber-secured supply chain.
• Raise internal stakeholder awareness of third-party cybersecurity issues.

Additional information: The mission can be extended for a maximum duration (including initial duration) of: 880 working days.